taguje prijatelje na fb i salje im video

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 10 Feb 2015 21:43

E ovako , bratov drug mi je donio lap top i rekao mu da taguje prijatelje na fb i salje im video ...

pokrenuo sam malwarebytes i adwcleaner pronasli su nesto evo logo


[Link mogu videti samo ulogovani korisnici]


[Link mogu videti samo ulogovani korisnici]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-02-2015
Ran by Nikola (administrator) on NIKOLA-PC on 10-02-2015 21:39:58
Running from C:\Users\Nikola\Downloads
Loaded Profiles: Nikola (Available profiles: Nikola)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Link mogu videti samo ulogovani korisnici]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-961796017-2758668980-3118149753-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Link mogu videti samo ulogovani korisnici]
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.2

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-961796017-2758668980-3118149753-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Nikola\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.com/"
CHR Profile: C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-20]
CHR Extension: (Google Docs) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-20]
CHR Extension: (Google Drive) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-20]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-20]
CHR Extension: (YouTube) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-20]
CHR Extension: (Google Search) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-20]
CHR Extension: (Google Sheets) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-20]
CHR Extension: (AdBlock) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-20]
CHR Extension: (Zyts v1) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilkokhhheojfljonmafiindgakpfnfml [2015-02-06]
CHR Extension: (Ashish Mishra) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\iphpdofpfakemlbpfdldmanhpikhbald [2015-02-07]
CHR Extension: (Google Wallet) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-20]
CHR Extension: (Gmail) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-20]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-10 21:39 - 2015-02-10 21:40 - 00006704 _____ () C:\Users\Nikola\Downloads\FRST.txt
2015-02-10 21:39 - 2015-02-10 21:40 - 00000000 ____D () C:\FRST
2015-02-10 21:39 - 2015-02-10 21:39 - 01124352 _____ (Farbar) C:\Users\Nikola\Downloads\FRST.exe
2015-02-10 21:30 - 2015-02-10 21:30 - 00001963 _____ () C:\Users\Nikola\Desktop\Adwcleaner.txt
2015-02-10 21:26 - 2015-02-10 21:26 - 00001309 _____ () C:\Users\Nikola\Desktop\malwarebytes.txt
2015-02-10 20:39 - 2015-02-10 20:39 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-18 21:50 - 2015-01-18 21:50 - 00000000 ____D () C:\Users\Nikola\New folder

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-10 21:36 - 2009-07-14 05:34 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-10 21:36 - 2009-07-14 05:34 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-10 21:33 - 2010-11-20 22:01 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-10 21:32 - 2014-11-20 23:20 - 01685547 _____ () C:\Windows\WindowsUpdate.log
2015-02-10 21:29 - 2014-11-20 15:57 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-10 21:29 - 2014-11-20 15:46 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-10 21:28 - 2010-11-20 22:48 - 00007438 _____ () C:\Windows\PFRO.log
2015-02-10 21:28 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-10 21:28 - 2009-07-14 05:39 - 00029367 _____ () C:\Windows\setupact.log
2015-02-10 21:16 - 2014-11-20 15:57 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-10 20:59 - 2014-11-20 16:39 - 00000000 ____D () C:\Users\Nikola\AppData\Roaming\Skype
2015-02-10 20:42 - 2014-11-20 16:17 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-10 20:39 - 2014-11-20 15:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-10 20:39 - 2014-11-20 15:44 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-02-06 20:37 - 2014-11-20 16:03 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-28 17:06 - 2014-11-24 20:08 - 00000000 ____D () C:\Users\Nikola\AppData\Local\Microsoft Games
2015-01-18 21:50 - 2014-11-20 14:28 - 00000000 ____D () C:\Users\Nikola
2015-01-18 21:20 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Public\Libraries
2015-01-14 01:42 - 2014-11-20 16:17 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-14 01:42 - 2014-11-20 16:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-05 02:14

==================== End Of Log ============================

Dopuna: 10 Feb 2015 21:44

[Link mogu videti samo ulogovani korisnici]

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pozdrav,

Ne vidim tu nista sumnjivo sem ove dve ekstenzije:

CHR Extension: (Zyts v1) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilkokhhheojfljonmafiindgakpfnfml [2015-02-06]
CHR Extension: (Ashish Mishra) - C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Extensions\iphpdofpfakemlbpfdldmanhpikhbald [2015-02-07]

Znas li cemu sluze? Ako ne, onda obrisi.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 11 Feb 2015 12:52

Moracemo drugacije da ih obrrisemo posto ja nmg da udjem u CHR Extension ...kad kliknem kao da mi se refresuje stranica i vrati me na pocetnu.

Dopuna: 11 Feb 2015 12:54

pardon ...ne vrace me na pocetnu nego mi zatvori prozor settings.

Dopuna: 11 Feb 2015 13:09

Obrisacu google chrome i instalirati novi to bi trebalo da obrise ekstenzije , zar ne ?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Trebalo bi.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Hvala ... odradio sam ... i dao sam mu lap top. Pozz